Open Stack Summit 2016 Open Stack Summit Austin
![“Controller” node configuration example – Add the following to /etc/neutron. conf: [DEFAULT] router_distributed =](https://slidetodoc.com/presentation_image_h/77a9d43c281125939d2c39aab469cb01/image-7.jpg "“Controller” node configuration example – Add the following to /etc/neutron. conf: [DEFAULT] router_distributed =")
![“Network” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing](https://slidetodoc.com/presentation_image_h/77a9d43c281125939d2c39aab469cb01/image-8.jpg "“Network” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing")
![“Network” node configuration example – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] ha_confs_path](https://slidetodoc.com/presentation_image_h/77a9d43c281125939d2c39aab469cb01/image-9.jpg "“Network” node configuration example – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] ha_confs_path")
![“Compute” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing](https://slidetodoc.com/presentation_image_h/77a9d43c281125939d2c39aab469cb01/image-10.jpg "“Compute” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing")
- Slides: 40
Open. Stack®® Summit 2016 Open. Stack Summit. Austin 2016
Configure, Deploy and Troubleshoot DVR SNAT HA Adolfo Duarte Swaminathan Vasudevan Hardik Italia 2
Agenda § Introduction § Configurations § Namespaces § Traffic Flow / Troubleshooting § Lab-Setup & Hands On Exercise. §Q&A 3
Introduction 4
DVR SNAT HA Configuration Overview – There are NO NEW options added to config files: neutron. conf, ml 2. ini, etc… – Enable and configure HA *and* DVR – Set number of agents which will participate in the ha group – Configure default router type: CVR(legacy), DVR, 5
DVR SNAT HA Configuration Overview 6
“Controller” node configuration example – Add the following to /etc/neutron. conf: [DEFAULT] router_distributed = True l 3_ha_net_cidr = 169. 254. 192. 0/18 max_l 3_agents_per_router = 3 min_l 3_agents_per_router = 2 7
“Network” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing = True 8
“Network” node configuration example – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] ha_confs_path = /opt/stack/data/neutron/ha_confs ha_vrrp_auth_type = PASS ha_vrrp_auth_password = password ha_vrrp_advert_int = 2 agent_mode = dvr_snat 9
“Compute” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing = True – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] agent_mode = dvr 10
L 3 Agent modes: § dvr_snat & dvr 11
Create DVR SNAT HA router: neutron router-create name-of-router --distributed=True --ha=True 12
Qrouter & SNAT Namespaces – HA_Status is available under l 3 -agent-list-hosting-router. – qrouter & snat namespaces on Controller/Network nodes. 13
Qrouter & SNAT Namespaces Controller 1 14
Qrouter & SNAT Namespaces Controller 2 15
Qrouter & SNAT Namespaces § Attach internal networks to router § Attach external network to router 16
Qrouter & SNAT Namespaces Controller 1 17
Qrouter & SNAT Namespaces Controller 2 18
Router namespace on Compute node 19
Traffic flow § East-West § VM to VM § VMs on same compute node. 20
Traffic flow § Neutron ports – OVS ports § sudo ovs-vsctl show § sudo ovs-ofctl dump-port-desc br-int 21
Traffic flow § sudo ovs-ofctl dump-flows br-int § Table 0 - From br-tun with dl_src=LMAC, go to Table 1 § Table 0 – In_port=VM_PORT, ARP, go to Table 24 § Table 0 – In_port=VM_PORT, go to Table 25 § Table 0 - Normal processing. § Table 1 - Strip VLAN_ID, set src_mac=router’s ifce, go to VM port § Table 24 - In_port=VM_PORT, ARP, arp_spa=VM_IP, go to Table 25 § Table 25 – In_port=VM_PORT, dl_src=VM_SRC_MAC, Normal processing 22
Traffic flow § sudo ovs-ofctl dump-flows br-int 23
Traffic flow § sudo ovs-appctl fdb/show br-int 24
Traffic flow § sudo ovs-appctl ofproto/trace <br-name> in_port=N, dl_src=SRC_MAC § man ovs-vswitchd 25
Traffic flow 26
Traffic flow § East-West § VM to VM § VMs on different compute node. § Routing on source node. 27
§ sudo ovs-ofctl dump-flows br-int (Source-Node) § Table 0 – In_port=VM_PORT, go to Table 25 § Table 0 - NORMAL processing. § Table 25 – In_port=VM_PORT, dl_src=VM_SRC_MAC, Normal processing § sudo ovs-ofctl dump-flows br-tun (Source-Node) § Table 0 – From br-int & go to table 1 § Table 1 – Set LMAC & go to table 2 § Table 2 – Unicast & go to table 20 § Table 2 – Multicast/Broadcast & go to table 22 § Table 20 – Strip VLAN_ID, Set Tunnle_ID & Output to Vx. LAN Tunnel. § Table 22 - Strip VLAN_ID, Set Tunnle_ID & Output to Vx. LAN Tunnel. 28
Traffic flow 29
Traffic flow § sudo ovs-ofctl dump-flows br-tun (On Destination Node) § Table 0 – From Vx. LAN tunnels, go to table 4 § Table 4 – Match on tunnel_id, modify to local VLAN_ID, go to Table 9 § Table 9 – Match on LMAC, go to br-int 30
Traffic flow § sudo ovs-ofctl dump-flows br-int (On Destination Node) § Table 0 – From br-tun with dl_src=LMAC, go to Table 1 § Table 1 – Strip VLAN_ID, set src_mac=router’s ifce, go to VM port 31
Traffic flow § CSNAT § VM to External World. 32
Traffic flow § Rules to send traffic from qrouter to snat for external world. 33
Traffic flow § CSNAT HA 34
Traffic flow § CSNAT HA 35
Traffic flow § N-S § External world to VM 36
Traffic flow 37
Traffic flow 38
Lab-Setup & Hands On Exercise. § Instructions for multimode devstack setup. § File: DVR-SNAT-HA-LAB-SETUP-Instructions. pdf § Guide for hands on lab for DVR-SNAT-HA. § File: DVR-SNAT-HA-HANDS-ON-LAB-Instructions. pdf 39
Thank you 40